| /* |
| * Copyright (C) 2022 The Android Open Source Project |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| #include "OS.h" |
| #include "Utils.h" |
| #include "file.h" |
| |
| #include <binder/RpcTransportRaw.h> |
| #include <log/log.h> |
| #include <string.h> |
| #include <sys/socket.h> |
| |
| using android::binder::ReadFully; |
| |
| namespace android::binder::os { |
| |
| // Linux kernel supports up to 253 (from SCM_MAX_FD) for unix sockets. |
| constexpr size_t kMaxFdsPerMsg = 253; |
| |
| status_t setNonBlocking(borrowed_fd fd) { |
| int flags = TEMP_FAILURE_RETRY(fcntl(fd.get(), F_GETFL)); |
| if (flags == -1) { |
| PLOGE("Failed setNonBlocking: Could not get flags for fd"); |
| return -errno; |
| } |
| if (int ret = TEMP_FAILURE_RETRY(fcntl(fd.get(), F_SETFL, flags | O_NONBLOCK)); ret == -1) { |
| PLOGE("Failed setNonBlocking: Could not set non-blocking flag for fd"); |
| return -errno; |
| } |
| return OK; |
| } |
| |
| status_t getRandomBytes(uint8_t* data, size_t size) { |
| unique_fd fd(TEMP_FAILURE_RETRY(open("/dev/urandom", O_RDONLY | O_CLOEXEC | O_NOFOLLOW))); |
| if (!fd.ok()) { |
| return -errno; |
| } |
| |
| if (!ReadFully(fd, data, size)) { |
| return -errno; |
| } |
| return OK; |
| } |
| |
| status_t dupFileDescriptor(int oldFd, int* newFd) { |
| int ret = fcntl(oldFd, F_DUPFD_CLOEXEC, 0); |
| if (ret < 0) { |
| return -errno; |
| } |
| |
| *newFd = ret; |
| return OK; |
| } |
| |
| std::unique_ptr<RpcTransportCtxFactory> makeDefaultRpcTransportCtxFactory() { |
| return RpcTransportCtxFactoryRaw::make(); |
| } |
| |
| ssize_t sendMessageOnSocket(const RpcTransportFd& socket, iovec* iovs, int niovs, |
| const std::vector<std::variant<unique_fd, borrowed_fd>>* ancillaryFds) { |
| if (ancillaryFds != nullptr && !ancillaryFds->empty()) { |
| if (ancillaryFds->size() > kMaxFdsPerMsg) { |
| errno = EINVAL; |
| return -1; |
| } |
| |
| // CMSG_DATA is not necessarily aligned, so we copy the FDs into a buffer and then |
| // use memcpy. |
| int fds[kMaxFdsPerMsg]; |
| for (size_t i = 0; i < ancillaryFds->size(); i++) { |
| fds[i] = std::visit([](const auto& fd) { return fd.get(); }, ancillaryFds->at(i)); |
| } |
| const size_t fdsByteSize = sizeof(int) * ancillaryFds->size(); |
| |
| alignas(struct cmsghdr) char msgControlBuf[CMSG_SPACE(sizeof(int) * kMaxFdsPerMsg)]; |
| |
| msghdr msg{ |
| .msg_iov = iovs, |
| .msg_iovlen = static_cast<decltype(msg.msg_iovlen)>(niovs), |
| .msg_control = msgControlBuf, |
| .msg_controllen = sizeof(msgControlBuf), |
| }; |
| |
| cmsghdr* cmsg = CMSG_FIRSTHDR(&msg); |
| cmsg->cmsg_level = SOL_SOCKET; |
| cmsg->cmsg_type = SCM_RIGHTS; |
| cmsg->cmsg_len = CMSG_LEN(fdsByteSize); |
| memcpy(CMSG_DATA(cmsg), fds, fdsByteSize); |
| |
| msg.msg_controllen = CMSG_SPACE(fdsByteSize); |
| return TEMP_FAILURE_RETRY(sendmsg(socket.fd.get(), &msg, MSG_NOSIGNAL | MSG_CMSG_CLOEXEC)); |
| } |
| |
| msghdr msg{ |
| .msg_iov = iovs, |
| // posix uses int, glibc uses size_t. niovs is a |
| // non-negative int and can be cast to either. |
| .msg_iovlen = static_cast<decltype(msg.msg_iovlen)>(niovs), |
| }; |
| return TEMP_FAILURE_RETRY(sendmsg(socket.fd.get(), &msg, MSG_NOSIGNAL)); |
| } |
| |
| ssize_t receiveMessageFromSocket(const RpcTransportFd& socket, iovec* iovs, int niovs, |
| std::vector<std::variant<unique_fd, borrowed_fd>>* ancillaryFds) { |
| if (ancillaryFds != nullptr) { |
| int fdBuffer[kMaxFdsPerMsg]; |
| alignas(struct cmsghdr) char msgControlBuf[CMSG_SPACE(sizeof(fdBuffer))]; |
| |
| msghdr msg{ |
| .msg_iov = iovs, |
| .msg_iovlen = static_cast<decltype(msg.msg_iovlen)>(niovs), |
| .msg_control = msgControlBuf, |
| .msg_controllen = sizeof(msgControlBuf), |
| }; |
| ssize_t processSize = TEMP_FAILURE_RETRY(recvmsg(socket.fd.get(), &msg, MSG_NOSIGNAL)); |
| if (processSize < 0) { |
| return -1; |
| } |
| |
| for (cmsghdr* cmsg = CMSG_FIRSTHDR(&msg); cmsg != nullptr; cmsg = CMSG_NXTHDR(&msg, cmsg)) { |
| if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS) { |
| // NOTE: It is tempting to reinterpret_cast, but cmsg(3) explicitly asks |
| // application devs to memcpy the data to ensure memory alignment. |
| size_t dataLen = cmsg->cmsg_len - CMSG_LEN(0); |
| LOG_ALWAYS_FATAL_IF(dataLen > sizeof(fdBuffer)); // validity check |
| memcpy(fdBuffer, CMSG_DATA(cmsg), dataLen); |
| size_t fdCount = dataLen / sizeof(int); |
| ancillaryFds->reserve(ancillaryFds->size() + fdCount); |
| for (size_t i = 0; i < fdCount; i++) { |
| ancillaryFds->emplace_back(unique_fd(fdBuffer[i])); |
| } |
| break; |
| } |
| } |
| |
| if (msg.msg_flags & MSG_CTRUNC) { |
| errno = EPIPE; |
| return -1; |
| } |
| return processSize; |
| } |
| msghdr msg{ |
| .msg_iov = iovs, |
| // posix uses int, glibc uses size_t. niovs is a |
| // non-negative int and can be cast to either. |
| .msg_iovlen = static_cast<decltype(msg.msg_iovlen)>(niovs), |
| }; |
| |
| return TEMP_FAILURE_RETRY(recvmsg(socket.fd.get(), &msg, MSG_NOSIGNAL)); |
| } |
| |
| } // namespace android::binder::os |